1. Field of the Invention
The invention relates to a data management system constructed by a plurality of information processing apparatuses connected to a network and a security managing server for making security management to data which is used by the information processing apparatuses.
2. Related Background Art
In recent years, electronic documents are handled in various PCs (personal computers) and input/output apparatuses (printing apparatus, multi-function apparatus, and the like) through a network, the number of opportunities in which secret information flows outside, such as printing or distribution by a printer, storage into a personal PC, storage or taking-out into/from a USB storage, and the like is increasing, and further, it is also difficult to specify an outflow path. Therefore, importance is attached to security for preventing an information leakage and various measures for assuring the security are taken.
As such measures, for example, there are: a measure in which the electronic document itself is encrypted and only the user having an access right is enabled to access it; a measure in which transmission data of the network is encrypted and the transmitter and the receiver use a decoding key in common; a measure in which the access of the printing apparatus itself is managed by a user ID or a password and the data is printed only when authentication is obtained; and the like.
However, there is such a problem that the above measures relate to the security for a local process and even if various measures are combined, a load of an access right setting person increases. In dependence on a combination of the above measures, there is such a problem that a security hole due to a setting leakage occurs. Further, it is difficult to prevent the information leakage which is caused when the access right setting person takes out the electronic document or the like.
Therefore, an attention is paid to the measure called a secure document system in which the PCs and input/output (I/O) apparatuses connected to the network and the electronic documents which are handled in the PCs and I/O apparatuses are unitarily managed by a security managing server. As such a secure document system, for example, there has been disclosed a system which has a security managing server for making access right management to an encrypted electronic document and in which a PC or an input/output apparatus connected to a network has to obtain authentication from the security managing server in order to access the encrypted electronic document (for example, refer to Japanese Patent Application Laid-Open No. 2004-280227).
Therefore, the PC or the I/O apparatus needs to be connected to the security managing server in order to access the encrypted electronic document. Even if the electronic document is taken out of the network, since no authentication is obtained, the access cannot be performed at all, and all of access situations and access histories of the PCs, applications, and I/O apparatuses which access the electronic document can be unitarily managed.
However, to access the encrypted electronic document as characteristics of the secure document system disclosed in Japanese Patent Application Laid-Open No. 2004-280227, the apparatus needs to be connected to the security managing server. There is, consequently, such a problem that it is impossible to satisfy such a request that the user wants to access the encrypted electronic document even in an environment such as meeting in a meeting room or destination of a business trip where the apparatus cannot be connected to the security managing server.